The purpose of the Quttera Malware Scanner REST API is to scan a website/domain as well as a web page for the security issues. Such as active malware, suspicious content, defacement, phishing, outdated SSL certificates, blacklisting, and other potential or actual security problems. The API supports JSON, XML and YAML formats. Note: JSON is used as a default format if no format is specified.

HTTP Status Codes

The Quttera API will return an appropriate HTTP status codes per request.

Code Text Description
200 OK Success!
400 Bad Request An invalid request, such as a request with invalid URL, invalid format or wrong parameter is considered invalid and you will get this response.
401 Unauthorized API key is incorrect or/and is not activated.
402 Payment Required Returned when user reached scan requests limit.
403 Forbidden API key is incorrect.
404 Not Found The URI requested is invalid or the resource requested, such as URL or Investigation Report does not exist.
429 Too Many Requests Returned when a scan request cannot be performed due to daily limit. Please contact us for API Plans and Pricing.
500 Internal Server Error Something is broken. Please contact our support team email the support

API request types

Resource Description Environment
POST /api/v3/<api-key>/url/scan/<domain-name>[.json|.xml|.yaml]Scan a domain/website (new scan) for malwareAny
GET /api/v3/<api-key>/url/status/<domain-name>[.json|.xml|.yaml]Get the status of the domain/website scan requestAny
GET /api/v3/<api-key>/url/report/<domain-name>[.json|.xml|.yaml]Get the detailed scan report of the domain/websiteAny
POST /api/v3/<api-key>/ssl/scan/<domain-name>[.json|.xml|.yaml]Retrieve website's SSL certificateAny
GET /api/v3/<api-key>/ssl/status/<domain-name>[.json|.xml|.yaml]Get the status of the SSL information retrieval requestAny
GET /api/v3/<api-key>/ssl/report/<domain-name>[.json|.xml|.yaml]Get website's SSL information reportAny
POST /api/v3/<api-key>/integrity/scan/<domain-name>[.json|.xml|.yaml]Scan a domain/website for integrity issuesAny
GET /api/v3/<api-key>/integrity/status/<domain-name>[.json|.xml|.yaml]Get the status of the domain/website integrity scan requestAny
GET /api/v3/<api-key>/integrity/report/<domain-name>[.json|.xml|.yaml]Get the domain/website integrity reportAny
POST /api/v3/<api-key>/ports/scan/<domain-name>[.json|.xml|.yaml]Find the opened ports on a domainDedicated
GET /api/v3/<api-key>/ports/status/<domain-name>[.json|.xml|.yaml]Get the status of the port scanning requestDedicated
GET /api/v3/<api-key>/ports/report/<domain-name>[.json|.xml|.yaml]Get the open ports information reportDedicated
GET /api/v3/<api-key>/blacklist/status/<domain-name>[.json|.xml|.yaml]Get the blacklisting status of the domainAny
GET /api/v3/<api-key>/blacklist/report/<domain-name>[.json|.xml|.yaml]Get the detailed report per supported blacklisting authorityAny

Top

POST /api/v3/<api-key>/url/scan/<domain-name>[.json| .xml| .yaml]

Scan a domain/website for malware and blacklist via HTTP POST request

  • Parameters:

    NameTypeValue
    apikeymandatoryAPI key provided during registration
    domain-namemandatoryurl to scan
    severityoptionalCLEAN (default), POTENTIALLY_SUSPICIOUS, SUSPICIOUS, MALICIOUS. // The lowest severity of the scanned data to include in the report. Use uppercase.
    sensitivityoptionalHEURISTIC (default) or NORMAL.// Sets the malware scan sensitivity level. HEURISTIC - detects both known and unknown (Potentially Suspicious and Suspicious severities) threats as well as anomalies and behavioral-based detection. NORMAL - detects only the known (Malicious severity) threats. Use uppercase.
    crawleroptionalwget or qrobot (default). // Sets the type of crawler to use when downloading the URL content. qrobot - (default) Quttera proprietary Distributed Heuristic Crawler type - It uses the Page Rank algorithm for its increased efficiency and quality. The benefit of a distributed heuristic web crawler is that it is robust against system crashes and other events. Supported by a majority of the hosting platforms. wget - Focused Crawler type - downloads the pages that are related to each other. It is also known as a Topic Crawler because of its way of working. The focused crawler determines the following – Relevancy, Way forward. It should be used if your website set on low spec hardware.
    agentoptionaluser-agent string. // Sets the value of the user-agent to use when downloading the URL content. When the parameter is not provided, the scanner uses the default agent (user-agent string) value based on server configuration (from the configuration file).
    formatoptionalyaml, xml or json (default)

  • Usage:

    POST http://scannerapi.quttera.com/api/v3/<api-key>/url/scan/<domain-name>[.json| .xml| .yaml]
    POST http://scannerapi.quttera.com/api/v3/<api-key>/url/scan/<domain-name>
    									

  • Example request:

    XML format
    $> curl -d "severity=SUSPICIOUS&sensitivity=HEURISTIC&crawler=wget" -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/scan/quttera.com.xml"
    JSON format (default)
    $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/scan/quttera.com"
    									

  • Response:

    If an URL has already been investigated in last 15 minutes, the output will contain domain status (clean, potentially suspicious, suspicious or malicious).

    If a scan job is 'in progress', the output will contain 'current investigation status' (new, download, downloaded or scan).

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::blacklisted Provided URL is blacklisted <yes|no>
    status::scanner_result URL investigation result: clean, potentially suspicious, suspicious, malicious or undef if URL still in progress
    status::sensitivity Sensitivity level of the scan: NORMAL or HEURISTIC
    status::state The state of the website/URL malware scan request: NEW, DOWNLOAD, DOWNLOADED, SCAN or DONE
    status::time Scan start time in epoc format
    status::url Scanned URL

  • Screenshot:
    • $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/scan/quttera.com.json"
      {
        "error": 200,
        "errorstr": "success",
        "status": {
          "blacklisted": "no",
          "scanner_result": "undef",
      	"sensitivity": "NORMAL",
          "state": "DOWNLOAD",
          "time": 1460373398,
          "url": "quttera.com"
        }
      }
      											

      Scan a domain for malware and blacklists

      The Quttera API request and response examples for quttera.com

Top

GET /api/v3/<api-key>/url/status/<domain-name>[.json| .xml| .yaml]

Retrieves current submitted scan investigation URL status.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/url/status/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/url/status/<domain-name>
    									

  • Example request:

    YAML format
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/status/quttera.com.yaml
      									

  • Response:

    If requested URL doesn't exist in database, the query returns not-found (404) error.

    If URL was found then its investigation status is being returned.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::blacklisted Provided URL is blacklisted <yes|no>
    status::scanner_result URL investigation result clean, potentially suspicious, suspicious, malicious or undef if URL still in progress
    status::sensitivity Sensitivity level of the scan: NORMAL or HEURISTIC
    status::state URL progress state NEW, DOWNLOAD, DOWNLOADED, SCAN or DONE
    status::time Scan start time in epoc format
    status::url Scanned URL

  • Screenshot:
    • $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/status/blog.quttera.com.yaml"
      error: 200
      errorstr: success
      status:
        blacklisted: 'no'
        scanner_result: potentially suspicious
        sensitivity: "HEURISTIC"
        state: DONE
        time: 1460288238
        url: blog.quttera.com
        												

      Get status of the malware scan request

      The Quttera API request and response example for blog.quttera.com

Top

GET /api/v3/<api-key>/url/report/<domain-name>[.json| .xml| .yaml]

Retrieves detailed investigation report for previously scanned domain/website.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the scan report for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/url/report/<domain-name>[.json|.xml|.yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/url/report/<domain-name>
    							

  • Example request:

    YAML format
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/report/quttera.com.yaml
    							

  • Response:

    Returns detailed scan report for previously scanned domain/website.
    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    report::blacklist_report::blacklist_status Scanned URL blacklisting status, NoThreat if URL is not blacklisted
    report::blacklist_report::providers List of blacklisting providers. Each report contains the following fields:
    • name - blacklisting provider name
    • status - blacklisting status
    • Reason - result generation time
    report::blacklisted_domains Blacklisted domain list detected during URL investigation
    report::blacklisted_domains_count Blacklisted domain count number detected during URL investigation
    report::blacklisted_iframes Blacklisted iframe list detected during URL investigation
    report::blacklisted_iframes_count Blacklisted iframe count number detected during URL investigation
    report::blacklisted_links Blacklisted link list detected during URL investigation
    report::blacklisted_links_count Blacklisted link count number detected during URL investigation
    report::domains Domain list detected during URL investigation
    report::domains_count Domain count detected during URL investigation
    report::files Malware scan report list per file downloaded from a domain/website. The following fields are displayed per the report:
    • MD5 - file/page MD5
    • details - more details about detected threats
    • dump - dump of the detected threat
    • dumpMD5 - dump MD5
    • endtime - time when the investigation of this page/file has been finished
    • filename - URI of this file/page
    • filesize - size of this page/file in bytes
    • filetype - type of this page/file in bytes
    • line - a line in the file where the detected threat is located (text file only)
    • offset - an offset in the line where the detected threat is located (text file only)
    • reason - reason why file/page was detected
    • scantime - scan time in seconds
    • threat - classification of the detected threat
    • threat_name - the name of the detected threat
    report::iframes Detected iframe list during URL investigation
    report::iframes_count Detected iframe count during URL investigation
    report::links List of links detected during URL investigation
    report::sandbox_requests List of all HTTP requests. Available in a dedicated environment only.
    • required_url - requested URL
    • required_ip - requested IP
    • redirected_url - web address in a redirect response
    • redirected_ip - IP of the web address in a redirect response
    • http_method - type of the HTTP request
    • http_status_code - status of the HTTP request
    report::links_count Links count detected during URL investigation
    report::malicious_files Malicious file detection count during URL investigation
    report::psuspicious_files Potentially suspicious files count detected during URL investigation
    report::suspicious_files Suspicious files count detected during URL investigation
    report::scanned_content Downloaded and investigated content size (bytes)
    report::scanned_files Scanned files count
    report::state URL/domain investigation state
    report::sensitivity Sensitivity level of the scan: NORMAL or HEURISTIC
    report::time Invetigation report generation time in epoc format
    report::timestr Invetigation report generation time in ascii format
    report::url Scanned URL

  • Screenshot:
    • error: 200
      errorstr: success
      report:
        blacklist_report:
          blacklist_status: NoThreat
          providers:
          - name: Google Safebrowsing
            status: NoThreat
            time: '1460288238'
          - name: MalwareDomainList
            status: NoThreat
            time: '1446634120'
          - name: Phishtank
            status: NoThreat
            time: '1446634120'
          - name: Quttera Labs
            status: NoThreat
            time: '1446634120'
          - name: Yandex Safebrowsing
            status: NoThreat
            time: '1460288238'
        blacklisted_domains: {}
        blacklisted_domains_count: 0
        blacklisted_iframes: {}
        blacklisted_iframes_count: 0
        blacklisted_links: {}
        blacklisted_links_count: 0
        domains:
          2.bp.blogspot.com: NoThreat
          add.my.yahoo.com: NoThreat
          apis.google.com: NoThreat
          blog.quttera.com: NoThreat
          blogger.com: NoThreat
          helpdesk.quttera.com: NoThreat
          img1.blogblog.com: NoThreat
          quttera.blogspot.co.il: NoThreat
          quttera.blogspot.co.uk: NoThreat
          quttera.blogspot.com: NoThreat
          quttera.com: NoThreat
          search.yahoo.com: NoThreat
          wordpress.org: NoThreat
          www.blogger.com: NoThreat
          www.bluesnap.com: NoThreat
          www.netvibes.com: NoThreat
          youtube.com: NoThreat
        domains_count: 33
        files:
        - MD5: 13A77058E307411490672C9D1737DD9C
          details: Too low entropy detected in string [["..."]]
            of length 168 which may point to obfuscation or shellcode.
          dump: '[[ ... ]]'
          dumpMD5: CD4E058F528912C966F9DE35F29A4465
          endtime: Sun Apr 10 13:37:16 2016
          filename: www.blogger.com/static/v1/widgets/1976504288-widgets.js
          filesize: '102035'
          filetype: ASCII
          line: '159'
          offset: '45'
          reason: Detected procedure that is commonly used in suspicious activity.
          result: '8'
          scantime: '5.700000'
          threat: Potentially Suspicious
          threat_name: PS.SuspScript.gen
        - MD5: 7DFD909FC235AF20392AB15C2B7500B3
          details: File is clean
          dumpMD5: '00000000000000000000000000000000'
          endtime: Sun Apr 10 13:37:02 2016
          filename: blog.quttera.com/index.html
          filesize: '115323'
          filetype: HTML
          offset: '0'
          reason: No significant issues detected.
          result: '1'
          scantime: '0.843000'
          threat: Clean
        iframes:
          <iframe allowfullscreen%3D"" frameborder%3D"0" src%3D"https://www.youtube.com/embed/zPhj16hzj8g">: NoThreat
        iframes_count: 2
        links:
          blog.quttera.com//b/csi.js?h%3Drf2qna3orel6eez56hjgxruq77qjyxbefnbscbe0iuq: NoThreat
          blog.quttera.com//js/cookiechoices.js: NoThreat
          blog.quttera.com//search/label/website-malware-scanning-products: NoThreat
          blog.quttera.com/javascript:history.go(-1)%3B: NoThreat
          blog.quttera.com/javascript:void(0): NoThreat
          blog.quttera.com/mailto:contactus@quttera.com: NoThreat
          http://2.bp.blogspot.com/-rzmm8l4tq5c/umzunv_uxui/aaaaaaaaa0i/m8pc8aawm9e/s1600/shlomo_hacked.png: NoThreat
          http://downloads.mailchimp.com/js/jquery.mailcheck.min.js: NoThreat
          https://www.youtube.com/embed/zphj16hzj8g: NoThreat
          ...
        sandbox_requests:
        - required_url:   https://orig.quttera.com/some-uri
          required_ip:    209.126.10.3
          redirected_url: https://redirected.quttera.com/another-uri
          redirected_ip:  209.126.10.4
          http_method:    GET
          http_status_code: 301
        - required_url:   https://orig2.quttera.com/some-uri
          required_ip:    209.126.10.5
          redirected_url: https://redirected2.quttera.com/another-uri
          redirected_ip:  209.126.10.6
          http_method:    POST
          http_status_code: 302
        links_count: 137
        malicious_files: 0
        psuspicious_files: 1
        scanned_content: 1431315
        scanned_files: 24
        state: clean
        sensitivity: HEURISTIC
        suspicious_files: 0
        time: 1460288237.616
        timestr: Sun Apr 10 13:37:17 2016
        url: blog.quttera.com
      

      Get detailed malware scan report for domain/website

      Quttera API request and response examples for quttera.com

Top

POST /api/v3/<api-key>/ssl/scan/<domain-name>[.json| .xml| .yaml]

Retrieves website's SSL certificate.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the scan report for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    POST http://scannerapi.quttera.com/api/v3/<api-key>/ssl/scan/<domain-name>[.json|.xml|.yaml]
    POST http://scannerapi.quttera.com/api/v3/<api-key>/ssl/scan/<domain-name>
    							

  • Example request:

    JSON format (default)
    POST http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ssl/scan/quttera.com.json
    							

  • Response:

    The response varies depending on the existence of a similar request in the queue. If there is an SSL scan request 'in progress', the output will contain its status (new, scan, scanned or done).

    If SSL information for the URL exists in the database and is no older than 15 minutes, the output will contain SSL details similar to the response of the SSL report query.


    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::state SSL request's progress state NEW, SCAN , SCANNED or DONE

  • Screenshot:
    • $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ssl/scan/quttera.com.json"
      {
        "error": 200,
        "errorstr": "success",
        "status": {
      	"state": "new"
        }
      }
      									

      Retrieve a website's SSL certificate

      The Quttera API request and response examples

Top

GET /api/v3/<api-key>/ssl/status/<domain-name>[.json| .xml| .yaml]

Get status of the SSL information retrieval request.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/ssl/status/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/ssl/status/<domain-name>
    									

  • Example request:

    YAML format
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ssl/status/quttera.com.yaml
      									

  • Response:

    Returns the status of the current SSL information retrieval request. If the request for the specified URL doesn't exist in database, the query returns not-found (404) error.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::state The state of the SSL Scan request: NEW, SCAN, SCANNED, or DONE
    status::time Scan start time in epoc format
    status::url Scanned URL

  • Screenshot:
    • $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ssl/status/blog.quttera.com.yaml"
      error: 200
      errorstr: success
      status:
        state: DONE
        time: 1460288238
        url: blog.quttera.com
        												

      Get status of the API request to retrieve the website's SSL certificate

      The Quttera API request and response examples

Top

GET /api/v3/<api-key>/ssl/report/<domain-name>[.json| .xml| .yaml]

Get website's SSL information report.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/ssl/report/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/ssl/report/<domain-name>
    									

  • Example request:

    YAML format
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ssl/report/quttera.com.yaml
      									

  • Response:

    Returns the SSL certificate information for the submitted website/url.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    report::cert_issuer_cn SSL certificate authority - common name
    report::cert_issuer_o SSL certificate authority - organization name
    report::expiration_date Expiration date (timestamp)
    report::expiration_days Expiration in days (negative value means expired)
    report::expired Expired - True/False
    report::issue_date The certificate issuing date
    report::state The state of the latest SSL Scan request: NEW, SCAN, SCANNED, or DONE
    report::time Start time of the request in epoc format
    report::trusted true for the Trusted Certificate Authority; false for the self-signed SSL certificate
    report::url Scanned URL

  • Screenshot:
    • $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ssl/report/quttera.com.yaml"
      error: 200
      errorstr: success
      report:
        cert_issuer_cn: Sectigo RSA Extended Validation Secure Server CA
        cert_issuer_o: Sectigo Limited
        expiration_date: 1645916400
        expiration_days: 709
        expired: false
        issue_date: 1584399600
        state: DONE
        time: 1584704351
        trusted: true
        url: https://quttera.com 
        												

      Get a website's SSL certificate report

      The Quttera API request and response examples

Top

POST /api/v3/<api-key>/integrity/scan/<domain-name>[.json| .xml| .yaml]

Scans a domain/website for invalid/broken HTTP headers, broken links, not secure links, page errors, redirects and other integrity issues.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the scan report for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    POST http://scannerapi.quttera.com/api/v3/<api-key>/integrity/scan/<domain-name>[.json|.xml|.yaml]
    POST http://scannerapi.quttera.com/api/v3/<api-key>/integrity/scan/<domain-name>
    							

  • Example request:

    JSON format (default)
    POST http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/integrity/scan/quttera.com.json
    							

  • Response:

    The response varies depending on the existence of a similar request in the queue. If there is an integrity scan request 'in progress', the output will contain its status (new, scan, scanned or done).

    If integrity information for the URL exists in the database and is no older than 15 minutes, the output will contain the integrity details similar to the response of the integrity report query.


    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::state Integrity request progress state NEW, SCAN , SCANNED or DONE

  • Screenshot:
    • $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/integrity/scan/quttera.com.json"
      {
        "error": 200,
        "errorstr": "success",
        "status": {
      	"state": "new"
        }
      }
      									

      Scan a website for the integrity issues

      The Quttera API request and response examples

Top

GET /api/v3/<api-key>/integrity/status/<domain-name>[.json| .xml| .yaml]

Get the status of the domain/website integrity scan request.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/integrity/status/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/integrity/status/<domain-name>
    									

  • Example request:

    YAML format
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/integrity/status/quttera.com.yaml
      									

  • Response:

    Returns the status of the current integrity scan request. If the request for the specified URL doesn't exist in database, the query returns not-found (404) error.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::state The state of the integrity Scan request: NEW, SCAN, SCANNED, or DONE
    status::time Scan start time in epoc format
    status::url Scanned URL

  • Screenshot:
    • $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/integrity/status/blog.quttera.com.yaml"
      error: 200
      errorstr: success
      status:
        state: DONE
        time: 1460288238
        url: blog.quttera.com
        												

      Get status of the integrity scan request

      The Quttera API request and response examples

Top

GET /api/v3/<api-key>/integrity/report/<domain-name>[.json| .xml| .yaml]

Get website integrity report.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/integrity/report/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/integrity/report/<domain-name>
    									

  • Example request:

    YAML format
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/integrity/report/quttera.com.yaml
      									

  • Response:

    Returns the integrity issues for the submitted website/url.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    report::headers A list of HTTP headers in a key/value format, where key is HTTP header name and value is the header value retrieved from the server
    report::headers_comments A list of alerts and warnings occured during validation of retrieved HTTP security headers
    report::links_alert A list of links that are broken, redirect, invalid, or have other security issues
    report::state The state of the latest integrity scan request: NEW, SCAN, SCANNED, or DONE
    report::time Start time of the request in epoc format
    report::url Scanned URL

  • Screenshot:
    • $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/integrity/report/quttera.com"
      
        "error": 200, 
        "errorstr": "success", 
        "report": {
          "headers": {
            "Connection": "keep-alive", 
            "Content-Length": "162", 
            "Content-Type": "text/html; charset=UTF-8", 
            "Date": "Wed, 15 Jul 2020 08:57:27 GMT", 
            "Link": "; rel=shortlink", 
            "Location": "https://www.quttera.com/", 
            "Server": "nginx", 
            "Transfer-Encoding": "chunked", 
            "Vary": "Accept-Encoding", 
            "X-Edge-Location-Klb": "jbyEDL2py8n1Mj9ZL4cDOpeN61e3277900e43bb23124615038d682b5", 
            "X-Kinsta-Cache": "HIT"
          }, 
          "headers_comments": [
            "ALERT: HTTP security header 'Content-Security-Policy' is missing", 
            "ALERT: HTTP security header 'X-XSS-Protection' is missing", 
            "ALERT: HTTP security header 'Strict-Transport-Security' is missing", 
            "ALERT: HTTP security header 'X-Frame-Options' is missing", 
            "ALERT: HTTP security header 'Expect-CT' is missing", 
            "ALERT: HTTP security header 'X-Content-Type-Options' is missing", 
            "ALERT: HTTP security header 'Feature-Policy' is missing", 
            "ALERT: HTTP security header 'X-Permitted-Cross-Domain-Policies' is missing", 
            "ALERT: HTTP security header 'Referrer-Policy' is missing", 
            "WARNING: HTTP header 'X-Download-Options' is missing", 
            "WARNING: HTTP header 'Public-Key-Pins' is missing", 
            "WARNING: HTTP header 'Public-Key-Pins-Report-Only' is missing"
          ], 
          "links_alert": [
            {
              "alert": "redirection", 
              "hosting_page_md5": "6666CD76F96956469E7BE39D750CC7D9", 
              "hosting_page_url": null, 
              "http_status": "200", 
              "redir_target": "https://www.quttera.com/", 
              "url": "http://quttera.com", 
              "url_md5": "6E954AAF8C45D0362E1815695FDA7C03"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "404", 
              "redir_target": "https://www.quttera.com/data:image/svg+xml,%3Csvg%20xmlns=", 
              "url": "http://quttera.com/data:image/svg+xml,%3Csvg%20xmlns=", 
              "url_md5": "F0071B39E5AD17764885E06E0FD078A1"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "403", 
              "redir_target": "https://somedomain23.com/cread.php?awinmid=5877&awinaffid=249173&clickref=&p=%5B%5Bhttps%3A%2F%2F", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "09AC9923AAAB28FD3496AD832B094EB9"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://somedomain23/cread.php?awinmid=6311&awinaffid=249173&clickref=", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "C3C35272D98964CA6C9652AEB3AE37C1"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "403", 
              "redir_target": "https://somedomain23.com", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "B5C00F4D65FA6441C359EA43340A740A"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "403", 
              "redir_target": "https://somedomain", 
              "url": "https://www.quttera.com/location/location2/", 
              "url_md5": "68E8BC7FF2F65D3CF6DFD68C42A4196F"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://www.www.somedomain23.com.com/?a=IA2973ICF", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "38DDB34F01C635FCE8C6D382B8523A5A"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://www.www.somedomain23.com.com/?a=IA2973ICF", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "8A20B84CEE7C7C850D527E28489C767F"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://www.somedomain22.com/affiliate/quote/?afflno=A061464", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "7C9C065CE86C3E373008C9014DC65201"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://www.somedomain.com/aff/v1/somephp.php", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "590B11B263EF8DDE93249D57DF2EFDF5"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://www.somedomain.com/aff/v1/somephp.php", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "253007F0170B6FF3EC0E8F8FDAEFA987"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://somedomain22/somephp/?AffID=0048", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "AD0B7A94387ADFB39626DF4D3CBC0246"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://somethingelse.pxf.io/c/154827/603173/5170?sharedid=RODP01", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "B6C53BAA8F1493D0680BD3CFFBD4BF7F"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://somethingelse.g6ww.net/vkAKj", 
              "url": "https://www.quttera.com/recommends/something-explained/", 
              "url_md5": "B4EDFAFA79B5A364D03BDF914F0816CB"
            }, 
            {
              "alert": "redirection", 
              "hosting_page_md5": "6E954AAF8C45D0362E1815695FDA7C03", 
              "hosting_page_url": "http://quttera.com", 
              "http_status": "200", 
              "redir_target": "https://somethingelse.pxf.io/c/154827/348706/5170?u=https%3A%2F%2Fwww.somethingelse.com%2Fblog%2Fsomethingelse-just-got-even-better-automatic-others%2F", 
              "url": "https://www.quttera.com/location/", 
              "url_md5": "99D77A928725652378BB34F80B80ED3B"
            }
          ],
          "state": "DONE",
          "time": 1587050244,
          "url": "quttera.com"
        }
      }
        												

      Get a domain/website integrity report

      The Quttera API request and response examples

Top

POST /api/v3/<api-key>/ports/scan/<domain-name>[.json| .xml| .yaml]

Find the opened ports on a domain

  • Parameters:

    NameTypeValue
    apikeymandatoryAPI key provided during registration
    domain-namemandatoryurl to scan
    formatoptionalyaml, xml or json (default)

  • Usage:

    POST http://scannerapi.quttera.com/api/v3/<api-key>/ports/scan/<domain-name>[.json| .xml| .yaml]
    POST http://scannerapi.quttera.com/api/v3/<api-key>/ports/scan/<domain-name>
    									

  • Example request:

    JSON format (default)
    $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ports/scan/quttera.com"
    									

  • Response:

    The response varies depending on the existence of a similar request in the queue. If there is a request 'in progress' to scan for open ports on the specified domain, the output will contain its status (new, scan, scanned or done).

    If the information on the open ports for the specified domain exists in the database and is no older than 15 minutes, the output will contain open ports details similar to the response of the open ports report query.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::state The state of the open ports scan request: NEW, SCAN, SCANNED or DONE

  • Screenshot:
    • $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ports/scan/quttera.com"
      {
        "error": 200,
        "errorstr": "success",
        "status": {
          "state": "NEW",
        }
      }
      											

      Scan a domain for open ports

      The Quttera API request and response examples for quttera.com

Top

GET /api/v3/<api-key>/ports/status/<domain-name>[.json| .xml| .yaml]

Get status of the current port scanning request.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/ports/status/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/ports/status/<domain-name>
    									

  • Example request:

    YAML format
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ports/status/quttera.com.yaml
      									

  • Response:

    Returns the status of the current port scanning request. If the request for the specified URL doesn't exist in database, the query returns not-found (404) error.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::state The state of the port scanning request: NEW, SCAN, SCANNED, or DONE
    status::time Scan start time in epoc format
    status::url Scanned URL

  • Screenshot:
    • $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ports/status/blog.quttera.com.yaml"
      error: 200
      errorstr: success
      status:
        state: DONE
        time: 1460288238
        url: blog.quttera.com
        												

      Get status of the port scanning API request

      The Quttera API request and response examples

Top

GET /api/v3/<api-key>/ports/report/<domain-name>[.json| .xml| .yaml]

Get open ports information report.

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/ports/report/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/ports/report/<domain-name>
    									

  • Example request:

    YAML format
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/ports/report/quttera.com.yaml
      									

  • Response:

    Returns the list of the open ports on the submitted domain.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    report::ports::port port number
    report::ports::protocol transport protocol - TCP/UDP
    report::ports::service running service/application
    report::ports::state open, filtered or closed. // filtered means that the port is protected by a firewall; closed means that prob packet received but there is no bound application to handle the request.
    report::state The state of the latest port scanning request: NEW, SCAN, SCANNED, or DONE
    report::time Start time of the request in epoc format
    report::url Scanned URL

  • Screenshot:
    • $>  curl http://scannerapi.quttera.com/api/v3/9b4ce6659f8e5b6b53d0e1fb3fe986e9/ports/report/quttera.com
        "error": 200,
        "errorstr": "success",
        "report": {
          "ports": [
            {
              "port": "80",
              "protocol": "tcp",
              "service": "http",
              "state": "open"
            },
            {
              "port": "443",
              "protocol": "tcp",
              "service": "https",
              "state": "open"
            }
          ],
          "state": "DONE",
          "time": 1587050244,
          "url": "quttera.com"
        }
      }
        												

      Get the open ports information report for the domain

      The Quttera API request and response examples

Top

GET /api/v3/<api-key>/blacklist/status/<domain-name>[.json|.xml|.yaml]

Get the blacklisting status of the domain

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/blacklist/status/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/blacklist/status/<domain-name>
    									

  • Example request:

    JSON format (default)
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/blacklist/status/blog.quttera.com
      									

  • Response:

    If requested URL doesn't exist in database, the query returns not-found (404) error.

    If URL was found then its blacklisting status is being returned.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::blacklisted Provided URL is blacklisted <yes|no>
    status::url Scanned URL

  • Screenshot:
    • $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/blacklist/status/blog.quttera.com"  
        {
        "error": 200,
        "errorstr": "success",
        "status": {
      	"blacklisted": "no"
      	"url": "blog.quttera.com"
        }
      }
        												

      Get blacklisting status of the domain

      The Quttera API request and response example for blog.quttera.com

Top

GET /api/v3/<api-key>/blacklist/report/<domain-name>[.json|.xml|.yaml]

Get the blacklisting report for the domain

  • Parameters:

    NameTypeValue
    apikey mandatory API key provided during registration
    domain-name mandatory url to get the status for
    format optional yaml, xml or JSON (JSON used by default)

  • Usage:

    GET http://scannerapi.quttera.com/api/v3/<api-key>/blacklist/report/<domain-name>[.json| .xml| .yaml]
    GET http://scannerapi.quttera.com/api/v3/<api-key>/blacklist/report/<domain-name>
    									

  • Example request:

    JSON format (default)
    GET http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/blacklist/report/blog.quttera.com
      									

  • Response:

    If requested URL doesn't exist in database, the query returns not-found (404) error.

    If URL was found then its blacklisting status is being returned.

    Returned Parameters:

    error Operation error code
    errorstr Literal presentation of the operation error code
    status::blacklisted Provided URL is blacklisted <yes|no>
    status::url Scanned URL
    status::time Last update time in epoc format
    authority::name Name of the blacklisting authority
    authority::blacklisted Provided URL is blacklisted by the authority <yes|no>

  • Screenshot:
    • $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/blacklist/report/blog.quttera.com"  
        {
        "error": 200,
        "errorstr": "success",
        "status": {
      	"blacklisted": "no"
      	"url": "blog.quttera.com"
        },
        {
         "authority": [
      	{
      	"name":"Google Safebrowsing"
      	"blacklisted": "no"
      	},
      	{
      	"name":"Google Safebrowsing V4"
      	"blacklisted": "no"
      	},	
      	{
      	"name":"MalwareDomainList"
      	"blacklisted": "no"
      	},
      	{
      	"name":"Phishtank"
      	"blacklisted": "no"
      	},	
      	{
      	"name":"Quttera Labs"
      	"blacklisted": "no"
      	},	
      	{
      	"name":"StopBadware"
      	"blacklisted": "no"
      	},	
      	{
      	"name":"Yandex Safebrowsing"
      	"blacklisted": "no"
      	},		
      	{
      	"name":"ZeusTracker"
      	"blacklisted": "no"
      	},
         ]
        }   
      }
        												

      Get blacklisting report for the domain

      The Quttera API request and response example for blog.quttera.com

Top

Scanning full URLs

In addition to a domain/website scan, Quttera REST API v3 provides an interface to scan URLs. The URL should be encoded in base64 format and provided in the API request instead of the domain name. Following is a list of API commands used to scan https://blog.quttera.com:443 URL

  • Example request:

    
    $> echo -n 'https://blog.quttera.com:443' | base64
    aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==
    
    $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/scan/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.json"
    $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/scan/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.xml"
    $> curl -X POST "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/scan/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.yaml"
    
    
    $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/status/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.json"
    $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/status/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.xml"
    $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/status/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.yaml"
    
    
    
    $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/report/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.json"
    $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/report/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.xml"
    $> curl -X GET "http://scannerapi.quttera.com/api/v3/ABABABABABABABABABABABABABABABAB/url/report/aHR0cHM6Ly9ibG9nLnF1dHRlcmEuY29tOjQ0Mw==.yaml"
    
    							

If you have any questions about the API you can chat with us at our Forum or send us an email (support@quttera.com).

Top


Quttera Offers Free, Simple SSL Management for ThreatSign Usersn | Quttera

Blog: Quttera Offers Free, Simple SSL Management for ThreatSign Users

These days, maintaining an SSL certificate without letting it lapse is vital. The Quttera ThreatSign DNS WAF protects you against a broad range of threats and offers you free SSL management.

READ MORE

Using Quttera Web Malware Scanner Plugin to Clear WordPress Malware | Quttera

Blog: Using Quttera Web Malware Scanner Plugin to Clear WordPress Malware

The popularity of WordPress also makes it a target for attacks. Here’s how you can detect and clear WordPress malware with the Quttera Web Malware Scanner plugin.

READ MORE

Q1 2020 Quttera Web Application Firewall Statistics
 | Quttera

Blog: Q1 2020 Quttera Web Application Firewall Statistics

The Quttera Web Application Firewall guards your site against many kinds of cyberattacks, including ones that haven’t been seen yet. Here’s a look at Quttera’s Q1 2020 WAF statistics.

READ MORE



© 2021 Quttera Ltd. All rights reserved.